Skip to content

Let's Encrypt failing is port 80 not mapped -> Show warning or error quicker #335

New issue
New issue
Open
Open
Let's Encrypt failing is port 80 not mapped -> Show warning or error quicker#335
@dewey

Description

@dewey
dewey
opened on Nov 25, 2024

Description of feature

When renewing a certificate the LE renewal is failing if there's no port 80 mapped to the app, adding the port 80 fixed the issue (dokku ports:add <app> http:80:3000). It was suggested on IRC to open a ticket to improve this behavior.

Please file a ticket for the port mapping issue, we can just error out immediately if a http:80 port mapping is not found

root@notmyhostname:~# dokku letsencrypt:list
-----> App name           Certificate Expiry        Time before expiry        Time before renewal
oe1.notmyhostna.me        2024-11-30 16:11:46       4d, 21h, 18m, 13s         25d, 2h, 41m, 47s ago
dewey.dev                 2025-02-16 05:26:16       82d, 10h, 32m, 44s        52d, 10h, 32m, 44s
root@notmyhostname:~# dokku letsencrypt:auto-renew oe1.notmyhostna.me
=====> Auto-renew oe1.notmyhostna.me...
=====> Enabling letsencrypt for oe1.notmyhostna.me
-----> Enabling ACME proxy for oe1.notmyhostna.me...
-----> Getting letsencrypt certificate for oe1.notmyhostna.me via HTTP-01
        - Domain 'oe1.notmyhostna.me'
        - Domain 'www.oe1.notmyhostna.me'
2024/11/25 18:55:08 [INFO] [oe1.notmyhostna.me, www.oe1.notmyhostna.me] acme: Obtaining bundled SAN certificate
2024/11/25 18:55:09 [INFO] [oe1.notmyhostna.me] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/1923062956/435444805077
2024/11/25 18:55:09 [INFO] [www.oe1.notmyhostna.me] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/1923062956/435444805087
2024/11/25 18:55:09 [INFO] [oe1.notmyhostna.me] acme: Could not find solver for: tls-alpn-01
2024/11/25 18:55:09 [INFO] [oe1.notmyhostna.me] acme: use http-01 solver
2024/11/25 18:55:09 [INFO] [www.oe1.notmyhostna.me] acme: Could not find solver for: tls-alpn-01
2024/11/25 18:55:09 [INFO] [www.oe1.notmyhostna.me] acme: use http-01 solver
2024/11/25 18:55:09 [INFO] [oe1.notmyhostna.me] acme: Trying to solve HTTP-01
2024/11/25 18:55:16 [INFO] [www.oe1.notmyhostna.me] acme: Trying to solve HTTP-01
2024/11/25 18:55:21 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz/1923062956/435444805077
2024/11/25 18:55:21 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz/1923062956/435444805087
2024/11/25 18:55:21 Could not obtain certificates:
	error: one or more domains had a problem:
[oe1.notmyhostna.me] acme: error: 400 :: urn:ietf:params:acme:error:connection :: 188.165.209.56: Fetching http://oe1.notmyhostna.me/.well-known/acme-challenge/KtNeC3zhJkR0Nnd4-fVf8yRx73okwzpu8rrc2j3CBEo: Error getting validation data
[www.oe1.notmyhostna.me] acme: error: 400 :: urn:ietf:params:acme:error:connection :: 188.165.209.56: Fetching http://www.oe1.notmyhostna.me/.well-known/acme-challenge/CeoQ7mWn2xRLQcN8ahC0opcxSMOeMNC836UnzIrvsKA: Error getting validation data
-----> Certificate retrieval failed!
-----> Disabling ACME proxy for oe1.notmyhostna.me...
 !     Failed to setup letsencrypt
 !     Check log output for further information on failure

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions